Linkepy Data Processing Agreement (DPA)

Last updated: 21.09.2025

This Data Processing Agreement (the "DPA") forms part of and supplements the Terms of Use / Order or other master agreement between Linkepy and the customer that purchases or uses the Services ("Customer") (together, the "Agreement").


1. Parties & Roles

  • Linkepy (the "Processor" when processing Customer Personal Data under Customer's instructions; an independent Controller for Customer Account Data and Customer Usage Data as defined below).
  • Customer acts as Controller (or as a Processor on behalf of its own controller, as applicable) for Customer Personal Data.

Each party shall comply with its obligations under applicable Data Protection Laws including EU/EEA GDPR, UK GDPR, Swiss FADP, and Türkiye KVKK.


2. Definitions

Customer Personal Data means Personal Data uploaded to, provided to, or obtained by Linkepy for processing on Customer's behalf in the provision of the Services (e.g., contact files, CRM sync data).

Customer Account Data means business contact and billing data relating to the Agreement (e.g., authorized users, billing contact, VAT/KDV information).

Customer Usage Data means telemetry, logs, and diagnostics generated by use of the Services (e.g., API metrics, event logs) used to secure, operate, and improve the Services.

Data Protection Laws means all laws applicable to the processing of Personal Data under the Agreement, including GDPR, UK GDPR/Data Protection Act 2018, Swiss FADP, KVKK, and e‑privacy/anti‑spam rules.

SCCs means the EU Standard Contractual Clauses adopted by the European Commission (Decision 2021/914) including their Annexes.

UK IDTA/Addendum means the UK International Data Transfer Addendum to the EU SCCs issued by the ICO (21 March 2022).

Other terms (e.g., Controller, Processor, Personal Data, Processing, Personal Data Breach, Supervisory Authority) have the meaning given in Data Protection Laws.


3. Scope & Processing Instructions

3.1 Subject matter, nature, purpose, duration, categories and data subjects are described in Annex I (A–C).

3.2 Linkepy shall process Customer Personal Data only on Customer's documented instructions, including regarding international transfers, unless Linkepy is required by law to act otherwise (in which case it shall inform Customer unless prohibited by law).

3.3 Customer is responsible for providing all required notices and obtaining consents/legal bases and shall not submit special categories or other Prohibited Data unless expressly agreed in writing.


4. Confidentiality & Personnel

Linkepy ensures that personnel authorized to process Customer Personal Data are bound by confidentiality obligations and receive appropriate privacy and security training.


5. Security Measures

Linkepy implements technical and organizational measures appropriate to the risk, as described in Annex II (TOMs), including access controls, encryption in transit/at rest where applicable, vulnerability management, logging/monitoring, and business continuity. Customer is responsible for securing its own systems and credentials.


6. Sub‑processors

6.1 Customer provides general written authorization for Linkepy to engage Sub‑processors to support the Services. A current list is maintained at: https://www.linkepy.com/subprocessors (the "List").

6.2 Linkepy will notify Customer of changes to the List (by email, dashboard, or RSS) at least 14 days before enabling a new Sub‑processor. Customer may object on reasonable data‑protection grounds within 7 days of notice. If no feasible alternative is available, Customer may discontinue the affected Service; fees already due remain payable.

6.3 Linkepy shall enter into written agreements with Sub‑processors imposing data‑protection obligations no less protective than this DPA and remains liable for their performance.


7. International Data Transfers

7.1 Linkepy may transfer Customer Personal Data outside of its origin jurisdiction subject to appropriate transfer mechanisms and safeguards.

7.2 EU/EEA transfers: The parties enter into the SCCs as incorporated by reference and completed in Annex I and Annex II as follows:

  • Module Two (C→P) applies when Customer is Controller and Linkepy is Processor.
  • Module Three (P→P) applies when Customer is Processor and Linkepy is sub‑processor.

Options/choices: Clause 7 (Docking) – not used; Clause 9 – Option 2 (general authorization; 14‑day notice); Clause 11 – not used; Clause 17 – governing law: Ireland (or another EU Member State chosen by Customer); Clause 18 – courts: the chosen Member State.

7.3 UK transfers: The UK IDTA/Addendum to the SCCs is incorporated by reference and completed by Annex I/II and this DPA.

7.4 Swiss transfers: The SCCs apply with customary FDPIC adaptations (e.g., references to Swiss FADP and FDPIC; data subjects may bring claims in Switzerland).

7.5 Linkepy applies supplementary measures where appropriate consistent with Schrems II guidance.


8. Assistance & Data Subjects' Rights

8.1 Taking into account the nature of processing, Linkepy shall assist Customer by appropriate technical and organizational measures, insofar as possible, to respond to data‑subject requests (access, rectification, erasure, restriction, portability, objection) under Data Protection Laws.

8.2 If Linkepy receives a request directly, it will redirect the requester to Customer unless legally prohibited.

8.3 Linkepy shall provide reasonable assistance with DPIAs, prior consultations, and records, taking into account the nature of processing and information available to Linkepy. Linkepy may charge reasonable costs where permitted by law.


9. Audit & Compliance Information

9.1 Upon written request once per 12‑month period, Linkepy will make available summary reports, certifications, or independent assessment summaries relevant to the Services' data protection.

9.2 If such materials are insufficient to satisfy Customer's legal obligations, Customer may conduct (or mandate a third party to conduct) a review or audit of Linkepy's relevant controls, subject to: (a) reasonable prior notice; (b) non‑disruption of operations; (c) confidentiality; (d) scope limited to systems processing Customer Personal Data; (e) frequency cap of once per 12 months except following a material security incident. Customer bears its own and Linkepy's reasonable costs for on‑site audits.


10. Personal Data Breach Notification

Linkepy shall notify Customer without undue delay upon becoming aware of a Personal Data Breach affecting Customer Personal Data and provide information reasonably available to assist Customer in meeting its legal obligations. Notifications may be delivered to Customer's admin/billing contacts. Linkepy's notification is not an admission of fault.


11. Return & Deletion

Upon termination/expiry of the Agreement or on Customer's written request, Linkepy will delete or return Customer Personal Data (at Customer's choice) within a commercially reasonable time, unless retention is required by law. Certification of deletion is available upon request.


12. Liability & Conflict

12.1 Each party's liability under or in connection with this DPA is subject to the limitations and exclusions in the Agreement, except to the extent prohibited by law.

12.2 In case of conflict, the following order of precedence applies: (i) SCCs/UK Addendum, (ii) this DPA, (iii) the Agreement, (iv) Linkepy policies.


13. Controller Activities by Linkepy

For Customer Account Data and Customer Usage Data, Linkepy acts as an independent Controller to: (i) manage the relationship and perform core business operations (invoicing, accounting, audits, tax); (ii) secure, operate, and improve the Services (fraud detection, incident response, service analytics); (iii) comply with legal obligations. Processing will be in accordance with Linkepy's Privacy Policy.


14. Governing Law & Jurisdiction

Where the SCCs/UK Addendum apply, their chosen law and forum govern international transfer disputes. For the remainder of this DPA, the governing law and forum follow the Agreement (e.g., Republic of Türkiye; Istanbul courts).


15. Miscellaneous

If any provision is held invalid, the remainder remains in effect. This DPA may be executed electronically and in counterparts.


Annex I — Description of Processing

A. Parties

  • Data Exporter (Customer): Name, address, and contact as per the Order/Agreement. Role: Controller (or Processor where Customer processes for its own controller).
  • Data Importer (Linkepy): Role: Processor for Customer Personal Data; contact: [email protected]; address: To be announced (Istanbul, Türkiye); website: https://www.linkepy.com/

B. Subject‑matter, Nature, Purpose

Provision of B2B data‑operations and enrichment Services, including validation, cleaning, deduplication, correction, synchronization, enrichment, and organization of Customer‑provided datasets and configured CRM integrations; hosting, storage, transmission; support; monitoring and security.

C. Categories of Data Subjects

Customer's employees/contractors/agents; Customer's business contacts/leads contained in Customer's datasets; any other data subjects whose data Customer lawfully submits.

D. Types/Categories of Personal Data

Business identifiers and contact details (name, title, email, phone, company, department), online identifiers (IP, device/user IDs), interaction metadata, and other data included in files/integrations as configured by Customer. Special categories/sensitive data are prohibited unless expressly agreed.

E. Frequency & Duration

Continuous or as initiated by Customer for the term of the Agreement, plus limited backup/archival retention consistent with Section 11 and Annex II.

F. Transfers

Global infrastructure and service providers as listed on https://www.linkepy.com/subprocessors; safeguards per Section 7.


Annex II — Technical & Organizational Measures (TOMs)

Information Security Program with policies covering asset management, access control, cryptography, operations security, communications security, development/security testing, incident response, business continuity, and vendor risk management.

Access Control & Authentication

Role‑based access; least privilege; SSO/MFA for admin access where supported; strong password policy; periodic access review; session management.

Encryption

TLS for data in transit; encryption at rest for primary storage and backups where applicable; key management via reputable cloud KMS.

Network & Infrastructure Security

Segmentation, security groups/firewalls, hardened images, patch/vulnerability management, anti‑malware where appropriate, DDoS protections by cloud provider.

Application Security

SDLC with code review; dependency scanning; secret management; CI/CD with approvals; static/dynamic testing as appropriate; handling of reported vulnerabilities.

Logging & Monitoring

Centralized logging of security‑relevant events; alerting; retention consistent with legal and operational needs; tamper‑resistant logs where feasible.

Backup & Business Continuity

Regular backups; geographically separate storage where applicable; restore testing; disaster recovery runbooks and RTO/RPO objectives.

Physical Security

Data centers operated by reputable providers with industry‑standard physical controls (badges, CCTV, guards, visitor logs, environmental safeguards).

Vendor/Sub‑processor Management

Security/privacy due diligence; DPAs with appropriate terms; transfer impact assessments where applicable; ongoing monitoring.

Data Minimization & Retention

Customer‑configurable retention for enrichment files; default transient retention ≤ 30 days for file‑upload results unless otherwise configured; secure deletion upon request or end of term.

Incident Response

Documented procedures; breach assessment; timely notification to Customer; post‑incident review and corrective actions.

Employee Awareness & Training

Regular privacy/security training; confidentiality obligations; disciplinary measures for violations.


Annex III — Sub‑processors

A current list of Sub‑processors, their roles, and locations is maintained at https://www.linkepy.com/subprocessors. Notification mechanics and objection process are described in Section 6 of this DPA.


Execution

By continuing to use the Services or by signing the Agreement referencing this DPA, the parties are deemed to have executed this DPA, including the SCCs/UK Addendum as applicable, with Annexes incorporated by reference.